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Abstract 


Recent statements from the Internet Architecture Board (IAB) and the 
Internet Corporation of Assigned Names and Numbers (ICANN) Security 
and Stability Advisory Committee have focused on the problems that 
the DNS is likely to experience with top-level domains (TLDs) that 
contain address records (so-called "dotless domains"). In order to 
help researchers determine the extent of the issues with dotless 
domains, this document lists the current dotless TLDs and gives a 
script for finding them. This document lists data about dotless TLDs 
but does not address the policy and technology issues other than to 
point to the statements of others. 


Status of This Memo 


This document is not an Internet Standards Track specification; it is 
published for informational purposes. 


This is a contribution to the RFC Series, independently of any other 
RFC stream. The RFC Editor has chosen to publish this document at 
its discretion and makes no statement about its value for 
implementation or deployment. Documents approved for publication by 
the RFC Editor are not a candidate for any level of Internet 
Standard; see Section 2 of RFC 5741. 


Information about the current status of this document, any errata, 


and how to provide feedback on it may be obtained at 
http://www.rfc-editor.org/info/rfc7085. 


Levine & Hoffman Informational [Page 1] 


RFC 7085 Already Dotless TLDs December 2013 


Copyright Notice 


Copyright (c) 2013 IETF Trust and the persons identified as the 
document authors. All rights reserved. 


This document is subject to BCP 78 and the IETF Trust’s Legal 
Provisions Relating to IETF Documents 
(http://trustee.ietf.org/license-info) in effect on the date of 
publication of this document. Please review these documents 
carefully, as they describe your rights and restrictions with respect 
to this document. 
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1. Introduction 


In the past few years, well-respected groups have issued documents 
about top-level domains in the DNS that contain address records 
(so-called "dotless domains"). The Security and Stability Advisory 
Committee (SSAC) of the Internet Corporation for Assigned Names and 
Numbers (ICANN) issued a report called "Report on Dotless Domains" 
[SACO53] in February 2012. The Internet Architecture Board (IAB) 
issued a statement called "Dotless Domains Considered Harmful" 
[IAB-DOTLESS] in July 2013. The New gTLD Program Committee of the 
ICANN Board of Directors (NGPC) approved a resolution on dotless 
domains [NGPC-DOTLESS] in August 2013. (The authors of this document 
note that they are not on the SSAC, the IAB, or the ICANN Board.) 


All of these documents consider the effects of dotless domains 
without describing the extent of their current deployment. In order 
to help researchers determine the extent of the problems with dotless 
domains, this document lists the known dotless domains at the time of 
publication and shows how researchers can find them in the future. 

In this document, we consider any TLD with an A, AAAA, and/or MX 
record at the apex to be dotless. This document is meant to provide 
current data to the Internet community but does not give advice. 
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Many people have expressed a belief that ICANN prohibits all TLDs 
from being dotless. That belief is not true; ICANN's policies apply 
only to their contracted TLDs. This document shows the extent to 
which dotless domains exist today. 


Current Dotless Domains 


This section shows the dotless domains we found on September 3, 2013, 
using the script in Appendix A. The data was nearly constant for 
many months, with very few additions or deletions of records. 


We checked every TLD in the root zone to see which ones had A, AAAA, 
or MX records. We found that about 5% of the TLDs did, and all of 
the TLDs that do are two-letter TLDs or country code TLDs (which are 
also known as ccTLDs). 


TLDs with A Records 


At the time this document is published, the following TLDs have A 
records. 


AC has address 193.223.78.210 
AI has address 209.59.119.34 
CM has address 195.24.205.60 
DK has address 193.163.102.24 
GG has address 87.117.196.80 
IO has address 193.223.78.212 
je has address 87.117.196.80 
KH has address 203.223.32.21 
PN has address 80.68.93.100 
SH has address 193.223.78.211 
TK has address 217.119.57.22 
TM has address 193.223.78.213 
TO has address 216.74.32.107 
UZ has address 91.212.89.8 

VI has address 193.0.0.198 

WS has address 64.70.19.33 


TLDs with AAAA Records 


At the time this document is published, the following TLD has an AAAA 
record. 


DK has IPv6 address 2a01:630:0:40:bla:bla:2011:1 
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2.3. TLDs with MX Records 


At the time this document is published, the following TLDs have MX 
records. The SSAC report implies, but does not explicitly say, that 
MX records would cause a TLD to be considered dotless; the IAB report 
does not mention MX records at all. 


AI mail is handled by 10 mail.offshore.Al. 

AX mail is handled by 5 mail.aland.net. 

CF mail is handled by 0 mail.intnet.CF. 

DM mail is handled by 10 mail.nic.DM. 

GP mail is handled by 10 nsl.worldsatelliteservices.com. 
GP mail is handled by 5 nsl.nic.GP. 

GT mail is handled by 10 ASPMX.L.GOOGLE.COM. 

GT mail is handled by 20 ALT1.ASPMX.L.GOOGLE.COM. 
GT mail is handled by 20 ALT2.ASPMX.L.GOOGLE.COM. 
GT mail is handled by 30 ASPMX2.GOOGLEMAIL.COM. 
GT mail is handled by 30 ASPMX3.GOOGLEMAIL.COM. 
GT mail is handled by 30 ASPMX4.GOOGLEMAIL.COM. 
GT mail is handled by 30 ASPMX5.GOOGLEMAIL.COM. 
HR mail is handled by 5 alpha.carnet.HR. 

IO mail is handled by 10 mailer2.I0. 

KH mail is handled by 10 nsl.dns.net.KH. 

KM mail is handled by 100 maill.comorestelecom. KM. 
LK mail is handled by 10 malithi-slt.nic.LkK. 

LK mail is handled by 20 malithi-lc.nic.LkK. 

MQ mail is handled by 10 mxl-mq.mediaserv.net. 

PA mail is handled by 5 ns.PA. 

TT mail is handled by 10 ALT1.ASPMX.L.GOOGLE.COM. 
TT mail is handled by 1 ASPMX.L.GOOGLE.COM. 

UA mail is handled by 10 mr.kolo.net. 

VA mail is handled by 100 raphaelmx3.posta.VA. 
VA mail is handled by 10 raphaelmxl.posta.VA. 

VA mail is handled by 10 raphaelmx2.posta.VA. 

WS mail is handled by 10 mail.worldsite.Ws. 

YE mail is handled by 10 mail.yemen.net.YE. 


3. IANA Considerations 
The script in Appendix A relies on IANA continuing to publish a copy 


of the TLDs in the root zone at 
<http://data.iana.org/TLD/tlds-alpha-by-domain.txt>. 
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4. Security Considerations 


This document lists the known dotless domains; it does not express an 
opinion whether or not there are security considerations with the 
existence of dotless domains. The referenced IAB and SSAC reports 
discuss the opinions of the respective bodies on the security and 
stability considerations of dotless domains. 


5. Acknowledgements 


Andrew Sullivan and Marc Blanchet gave helpful comments on this 
document. 


6. Informative References 


[IAB-DOTLESS] 
Internet Architecture Board, "Dotless Domains Considered 
Harmful", July 2013, <https://www.iab.org/2013/07/10/ 
iab-statement-—dotless—domains-—considered-harmful/>. 


[NGPC-DOTLESS] 
New gTLD Program Committee of the ICANN Board, "Approved 
Resolution on Dotless Domains", September 2013, 
<http://www.icann.org/en/groups/board/documents/ 
resolutions-—new-gtld-13aug13-en.htm>. 


[SAC053] ICANN Security and Stability Advisory Committee, "SSAC 
Report on Dotless Domains", February 2012, 
<http://www.icann.org/en/groups/ssac/documents/ 
sac-—053-en.pdf>. 


Levine & Hoffman Informational [Page 5] 


RFC 7085 Already Dotless TLDs December 2013 


Appendix A. Script for Finding Dotless Domains 


The following Bourne shell script was used for finding the data in 
this document. The authors believe that this script will work 
correctly on a wide variety of operating systems and will continue to 
do so in the foreseeable future. As is customary in the current 
legal environment, the authors make no assurance that the script is 
correct or that the script will not cause damage on a system where it 
is run. 


The script checks each nameserver for each TLD instead of just doing 
a simple query because the nameservers for some of the TLDs have 
inconsistent data in them with respect to the records shown here. 


#! /bin/sh 
# Get the current list of TLDs from IANA 
wget -O orig.txt http://data.iana.org/TLD/tlds-—alpha-by-—domain.txt 
# Remove the comment at the top of the file 
grep -v '’*#’ orig.txt > TLDs.txt 
# Get all the nameservers 
while read tld; do host -t NS $tld; done < TLDs.txt > TLD-servers.txt 
# Do queries for each record type, and do them on each nameserver 
for rec in A AAAA MX; do 

while read tld ignorea ignoreb ns; do 

host -t S$rec Stld. $ns; 

done < TLD-servers.txt; 
done > all-out.txt 
# Print the results 
grep "has address" all-out.txt | sort -uf 
grep "has IPv6" all-out.txt | sort -uf 
grep "mail is handled" all-out.txt | sort -uf 
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